<?php
if(!defined('IN_MANU')){ 
	die('[ERROR] You cannot load this page directly !!!');
}

class PrivilegeManager 
{
	private $db = null;
	
	function __construct($db)
	{
		$this->db = $db;
	}
	public function getDBA($user = null){
		$query = "select * from dba_role_privs where granted_role = 'DBA' and grantee = ". var_export(strtoupper($user), true);
		$res = $this->db->getData($query, 'privilege');
		
		return $res;
	}
	
	public function hasDBA($user = null)
	{
		$dba = $this->getDBA($user);
		return (count($dba) != 0);
	}
	
	public function getSysPrivsFrom($user = 0){
		
		$dba = $this->getDBA($user);
		if(count($dba) == 0)
			$query = 'SELECT DISTINCT PRIVILEGE, ADMIN_OPTION 
		              FROM dba_sys_privs WHERE grantee = '. var_export($user, true);
		else 
			$query = 'SELECT DISTINCT PRIVILEGE
		              FROM dba_sys_privs';
		
		$res = $this->db->getData($query, 'privilege');
		
		return $res;
	}
	
	public function getObjPrivsFrom($user = null)
	{
		$dba = $this->getDBA($user);
		if(count($dba) == 0)
			$query = 'SELECT DISTINCT PRIVILEGE, TABLE_NAME, GRANTABLE
		              FROM dba_tab_privs WHERE grantee = '. var_export(strtoupper($user), true);
		else
			$query = 'SELECT DISTINCT PRIVILEGE
		              FROM dba_tab_privs';
	
		
		$res = $this->db->getData($query, 'privilege');
	
		return $res;
	}
	
	public function getBasicInfo($priv = null, $table = null)
	{
		//this query is for admin user
		//TODO:	need to modify
		$query = 'SELECT * FROM DBA_SYS_PRIVS';
		
		if ($priv != null) {
			if (!($this->isSysPriv($priv)))
				$query = 'SELECT * FROM DBA_TAB_PRIVS';
				$query .= ' WHERE privilege = ' . var_export($priv, true);
			if ($table != null)
				$query .= ' AND table_name = ' . var_export($table, true);
		}
		
		$res = $this->db->getData($query, 'privilege');
	
		return $res;
	}
	
	public function editGrantSysPrivs($priv = null, $granttorole = null, $granttouser = null, $revoke = null ,$adminoption = null)
	{
		$userMan = $this->db->get('userManager');
		$user = $userMan->getCurrentUser();
		$pass = $userMan->getPassOfCurrentUser();
		$this->db->closeConnection();
		$this->db->startConnectionWith($user, $pass);
		
		if($granttorole != ""){
			$query3 = "GRANT ".$priv." TO ".$granttorole;
			if ($this->db->dbQuery($query3)) {
				$_SESSION['message'] = 'grant';
			}
			else {
				$_SESSION['message'] = 'error';
			};
			
		}
		if($granttouser != ""){
			$query4 = "GRANT ".$priv." TO ".$granttouser;
			if ($adminoption == "1") {
				$query4.=" WITH ADMIN OPTION";
			}
			if ($this->db->dbQuery($query4)) {
				$_SESSION['message'] = 'grant';
			}
			else {
				$_SESSION['message'] = 'error';
			};
		}
		if($revoke != "") {
			$query5 = "REVOKE ".$priv." FROM ".$revoke;
			
			if ($this->db->dbQuery($query5)) {
				$_SESSION['message'] = 'revoke';
			}
			else {
				$_SESSION['message'] = 'error';
			};
		}
		
		$this->db->closeConnection();
		$this->db->startConnection();
	}
	
	public function editGrantObjPrivs($priv = null, $table = null, $granttorole = null, $granttouser = null, $revoke = null ,$grantoption = null)
	{
		$userMan = $this->db->get('userManager');
		$user = $userMan->getCurrentUser();
		$pass = $userMan->getPassOfCurrentUser();
		$this->db->closeConnection();
		$this->db->startConnectionWith($user, $pass);
		
		if($granttorole != ""){
			$query3 = "GRANT ". $priv . " ON " . $table. " TO ".$granttorole;
			if ($this->db->dbQuery($query3)) {
				$_SESSION['message'] = 'grant';
			}
			else {
				$_SESSION['message'] = 'error';
			};
		}
		if($granttouser != ""){
			$query4 = "GRANT ".$priv. " ON " . $table . " TO ".$granttouser;
			if ($grantoption == "1") {
				$query4.=" WITH GRANT OPTION";
			}
			if ($this->db->dbQuery($query4)) {
				$_SESSION['message'] = 'grant';
			}
			else {
				$_SESSION['message'] = 'error';
			};
		}
		if($revoke != "") {
			$query5 = "REVOKE ". $priv . " ON " . $table . " FROM ".$revoke;
				
			if ($this->db->dbQuery($query5)) {
				$_SESSION['message'] = 'revoke';
			}
			else {
				$_SESSION['message'] = 'error';
			};
		}
		
		$this->db->closeConnection();
		$this->db->startConnection();
	}
	
	public function viewSysPriv($username = null){
		$query = 'SELECT DISTINCT privilege
 				  FROM DBA_SYS_PRIVS ';
		$dba = $this->getDBA($username);
		if(count($dba) == 0){
			if ($username != null) {
				$query .= ' WHERE grantee = ' . var_export(strtoupper($username), true);
			}
		}
		$res = $this->db->getData($query, 'privilege');
		
		return $res;
	}
	
	
	public function getSysPriv($username = null)
	{
		//this query is for admin user
		$query = 'SELECT DISTINCT privilege, admin_option
 				  FROM DBA_SYS_PRIVS ';
				
		if ($username != null) {
			$query .= ' WHERE grantee = ' . var_export(strtoupper($username), true);
		}
	
		$res = $this->db->getData($query, 'privilege');
		
		return $res;
	}
	
	public function getObjPriv($username = null)
	{
		//this query is for admin user
		$query = 'SELECT DISTINCT privilege, table_name, owner, grantor, grantable
				  FROM dba_tab_privs' ;
		
		if ($username != null) {
			$query .= ' WHERE grantee = ' . var_export(strtoupper($username), true);
		}
		
		$res = $this->db->getData($query, 'privilege');
		
		return $res;
	}
	
	/*
	 * @description:	Just get privileges' name
	 * 
	 */
	public function getObjPrivName($username = null)
	{
		//this query is for admin user
		$query = 'SELECT DISTINCT privilege, grantable
				  FROM dba_tab_privs' ;
		
		if ($username != null) {
			$query .= ' WHERE grantee = ' . var_export(strtoupper($username), true);
		}
		
		$res = $this->db->getData($query, 'privilege');
		
		return $res;
	}
	
	/*
	 *@description:	Check whether one privilege is system priv or not
	 * 
	 */
	public function isSysPriv($priv) 
	{
		$query = 'SELECT *
				  FROM dba_sys_privs
				  WHERE privilege = ' . var_export($priv, true);
		
		$res = $this->db->getData($query, 'privilege');
		
		if (count($res) == 0)
			return false;
		else 
			return true;
	}
	
	/*
	 *@description:	Check whether one privilege is object priv or not
	 *
	 */
	public function isObjPriv($priv)
	{
		$query = 'SELECT *
			      FROM dba_tab_privs
				  WHERE privilege = ' . var_export($priv, true);
	
		$res = $this->db->getData($query, 'privilege');
	
		if (count($res) == 0)
		return false;
		else
		return true;
	}
	
	/*
	 * @description: Get users who is granted the privilege
	 * 
	 */
	public function getGranteeOf($priv, $from, $tbl = null)
	{
		if ($tbl == null)
			$query = "SELECT DISTINCT GRANTEE, ADMIN_OPTION
			 	 	  FROM $from 
			 	 	  WHERE privilege = " . var_export($priv, true);
		else 
		$query = 	  "SELECT DISTINCT GRANTEE, GRANTABLE
				 	  FROM $from 
					  WHERE privilege = " . var_export($priv, true) . " AND table_name = " . var_export($tbl, true);

		$res = $this->db->getData($query, 'privilege');
		
		return $res;
	}
	
	/*
	 * @description:	Get TABLE_NAMEs that one privilege use on
	 * 
	 */
	public function getTableNameOf($priv, $user = null)
	{		
		
		$query = "SELECT DISTINCT TABLE_NAME
				  FROM DBA_TAB_PRIVS
				  WHERE privilege = " . var_export($priv, true);			
		
		if ($user != null) {
			$query .= " AND grantee = " . var_export(strtoupper($user), true);
		}
		
		$res = $this->db->getData($query, 'privilege');
			
		
		return $res;
	}
	
	public function getTableNameList($priv)
	{
		$userMan = $this->db->get('userManager');
		$user = strtoupper($userMan->getCurrentUser());
		
		$query  = "SELECT DISTINCT TABLE_NAME
				  FROM DBA_TAB_PRIVS
				  WHERE grantee =  " . var_export($user, true) . " AND privilege = " . var_export($priv, true) . " AND grantable = 'YES'";			
		
		$res1 = $this->db->getData($query, 'privilege');		
				
		$query = "SELECT DISTINCT TABLE_NAME
							  FROM DBA_TABLES
							  WHERE owner = " . var_export($user, true);
			
		$res2 = $this->db->getData($query, 'privilege');
		return array_merge($res1, $res2);
		
	}
	
	public function getUserOf($priv)
	{
		$query = 'SELECT DISTINCT grantee, admin_option
				  FROM DBA_SYS_PRIVS
			      WHERE privilege = ' . var_export($priv, true);
	
		$res = $this->db->getData($query, 'privilege');
	
		return $res;
	}
		
	public function getUserOfSysPriv($priv)
	{
		$query = 'SELECT DISTINCT grantee
			      FROM DBA_SYS_PRIVS
		          WHERE privilege = ' . var_export($priv, true);
		
		$res = $this->db->getData($query, 'privilege');
		
		return $res;
	}
	
	public function getUserOfObjPriv($priv)
	{
		$query = 'SELECT DISTINCT grantee
				  FROM DBA_TAB_PRIVS
			      WHERE privilege = ' . var_export($priv, true);
	
		$res = $this->db->getData($query, 'privilege');
	
		return $res;
	}
	
	public function getOwnerOfTable($tbl)
	{
		$query = 'SELECT DISTINCT OWNER 
				  FROM 	DBA_TAB_PRIVS
				  WHERE TABLE_NAME = ' . var_export($tbl, true);
		
		$res = $this->db->getData($query, 'privilege');
		
		if ($res)
			return $res[0];
		else 
			return '';
	}
	
	public function getTableOfUser($username)
	{
		$query = "SELECT DISTINCT TABLE_NAME
				  FROM DBA_TABLES
				  WHERE owner = " . var_export(strtoupper($username), true);
		
		$res = $this->db->getData($query, 'privilege');
			
		return $res;
	}
}